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" The MAILING DATE of this communication appears on tho cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication, 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .7CM(b). 

Status 

I) S Responsive to communication(s) filed on 25 May 2001 , 

2a)n This action is FINAL. 2b)M This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) 13 Claim(s) 1-22 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) 13 Claim(s) 1-22 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner 

10)13 The drawing(s) filed on 14 March 2001 is/are: a)I3 accepted or b)n objected to by the Examiner. 
Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the connection is required if the drawjng(s) is objected to. See 37 CFR 1.121(d). 

II) n The oath or declaration is objected to by the Examiner. Note the attached Office Action orfonm PTO-152, 

Priority under 35 U.S.C. § 119 

12)K1 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)[3 All b)n Some * 0)0 None of: 

1 M Certified copies of the priority documents have been received. 

2O Certified copies of the priority documents have been received in Application No, . 



3.n Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
See the attached detailed Office action for a list of the certified copies not received. 
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3) 13 Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 
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6) □ Other: . 



U.S. Patent and Trademari< Office 

PTOL-326 (Rev. 1-04) 
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DETAILED ACTION 



Priority 

1 . Receipt is acknowledged of papers submitted under 35 U.S.C. 1 19(a)-(d), which papers 
have been placed of record in the file. 



2. The Information Disclosure Statement(s) received 25 May 2001 has been considered to 
the extent made possible by the translation of the relevant passages of the foreign patent 
publication. Please see attached PTO-1449(s). 



4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 



Information Disclosure Statement 



Drawings 



The drawings filed on 14 March 2001 have been approved by the Examiner. 



Claim Rejections - 35 USC § 103 



5. Claims 1-7, 9-15 and 17-21 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Rabeler (US 6,594,746) in view of Bandoo (US 3,803,559). 



• 



m 
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As in claim 2, Rabeler discloses a system comprising: 

a monitor flag for indicating that a specified address space is accessed (Column 3, line 66 
to column 4, line 2* Fig. 6, element 71; column 5, lines 44-45), where it is readily apparent that 
the mode bit of Rabeler acts as a flag to indicate when the address space occupied by the system 
mode program is accessed for execution (Column 1, lines 40-43); 

an access permission address range setting register, for setting an address range in which 
an access is permitted, that is able to be set while the flag is set (i.e. while in system mode) 
(Column 1 line 66 to colunnn 2, line 14; Fig. 3, element 32; column 4, lines 54-65); 

a judging means forjudging whether or not an access is carried out within the address 
range set during execution of software (i.e. a user program) (Fig. 3; column 4, lines 47-65); and 

control means for controlling an access with respect to a memory based on a result of the 
judging means (Fig. 3; column 4, lines 47-65). 

Rabeler does not teach an access permission setting register for setting whether or not an 
access with respect to an address other than the address range should be permitted, that is able to 
be set while the flag is set, nor does Rabeler teach that the memory access is controlled based on 
the content of the access permission setting access register as required by claim 2. 



Rabeler also does not teach an interruption request signal generating means for 
generating an interrupt to a processing unit when accessing an address other than the address 
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range while the access permission register is set so as not to permit access to an address outside 
the address range, whereupon a predetermined interrupt program is executed as required by 
claim 4. 

Bandoo teaches a system for inhibiting memory access based on an address range, 
comprising a protect check flip-flop (i.e. access permission setting register) that sets whether or 
not an access with the respect to an address other than the address range should be permitted, by 
overriding the result of an address range judging means such that memory access is controlled 
based on a result of the judging means and the content set by the access permission setting 
register (Fig. 3; column 3, hne 57 to column 4, line 7). Bandoo teaches that by this mechanism, 
a supervisory program may be allowed to conveniently access all memory areas (Column 4, lines 
45-57). 

Regarding claim 2, it would have been obvious to one of ordinary skill in the art at the 
time of invention by appHcant to incorporate the access permission setting register mechanism of 
Bandoo, in the system of Rabeler, in order to allow convenient access to all memory areas by a 
supervisory program as taught by Bandoo. 

Further regarding claim 2, because Rabeler teaches that all memory access inhibition 
registers can only be modified in system mode (i.e. when the monitor flag is set) (Column 2, 
lines 32-34), it would have been obvious to only allow modification of the access permission 
setting register while in system mode. 



e 
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Claim 1 is rejected using the same rationale as for the rejection of claim 2. 

Claim 3 is rejected using the same rationale as for the rejection of claim 2, further noting 
that Rabeler teaches a system program for setting all registers associated with inhibition of 
memory access (Column 1, lines 40-43; column 2, lines 32-34), where it is readily apparent that 
the system program must be executed prior to the user program in order for the security relevant 
information to be effective, and that the user program executes subsequent to the system 



Bandoo further teaches a generating means for generating an interrupt to the processing 
system when access to an address other than the permitted address range while the protect check 
flip-flop (i.e. access permission register) is set so as not to permit access to an address outside the 
address range, whereupon an interrupt handling routine of the supervisory program is executed 
(Fig. 4; column 5, lines 13-34). Bandoo teaches that this may be used to inform an operator of 
the condition (Column 5, hne 34). 

Regarding claim 4, it would have been obvious to one or ordinary skill in the art at the 
time of invention by applicant, to use the interrupt mechanism of Bandoo, in the system of 
Rabeler, in order to notify an operator of an attempted access to an address outside the address 
range as taught by Bandoo. 

Claim 5 is rejected using the same rationale as for the rejection of claim 4 above. 



program. 
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Claim 6 is rejected using the same rationale as for the rejection of claim 4, noting that 
Bandoo teaches the interrupt handling routine is part of the supervisory program (Column 5, 
lines 20-24). 

Claim 7 is rejected using the same rationale as for the rejection of claim 6 above. 

Claims 9-15 are rejected using the same rationale as for the rejection of claims 1-7 
respectively, where it is noted that Rabelar teaches that the memory comprises a rewritable non- 
volatile memory (Column 3, lines 7-19). 

Claim 17 is rejected using the same rationale as for the rejection of claim 1 above. 

Claim 18 is rejected using the same rationale as for the rejection of claim 2 above. 

Claim 19 is rejected using the same rationale as for the rejection of claim 3 above. 

Claim 20 is rejected using the same rationale as for the rejection of claim 4 above. 

Claim 21 is rejected using the same rationale as for the rejection of claim 6 above. 
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6. Claims 8, 16 and 22 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Rabeler (US 6,594,746) in view of Bandoo (US 3,803,559) as applied to claims 3 and 19 above, 
and further in view of Oppenheimer (David L. Oppenheimer et al, "Performance Signatures: A 
Mechanism for Intrusion Detection", 1997 Information Survivability Workshop - ISW'97). 

Rabeler and Bandoo are relied upon for the teachings relative to claims 3 and 19 as 

above. 

The combination of Rabeler and Bandoo does not teach a re-execution forbidding means 
for storing information indicating that an access is carried out beyond an access limit, wherein 
the control means controls the memory based on the information so that access is not carried out 
again beyond the access limit as required by claim 8. 

Oppenheimer teaches a general principle for survivability in a computer system subject to 
anomalous program behavior, where software components that are misbehaving are quarantined 
(i.e. prevented from re-executing) (Introduction, paragraph 1, lines 1-3). Oppenheimer defines 
one kind of anomalous behavior as a memory usage being outside a normal range (Section 1 , 
paragraph 2, lines 1-9; Section 2.1, lines 1-11). 

Although Oppenheimer teaches anomalous program behavior in the context of a hostile 
attack, to one skilled in the art Oppenheimer' s teachings would suggest general principles 
applicable to any anomalous program behavior. Furthermore, it is readily apparent in 
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Oppenheimer that an indication of anomalous behavior must be stored in order for the system to 
make reference to the condition during analysis of the anomalous behavior (Section 2.2). 

Regarding claim 8, it would have been obvious to one of ordinary skill in the art at the 
time of invention by apphcant to prevent a program from re-executing (i.e. quarantine) based on 
information stored indicating anomalous memory usage as taught by Oppenheimer, in the system 
made obvious by the combination of Rabeler and Bandoo, where the anomalous behavior is an 
access beyond an access hmit, in order to ensure survivability of the computer system against 
misbehaving software as taught by Oppenheimer. 

Claim 16 is rejected using the same rationale as for the rejection of claim 1 1 above. 

Claim 22 is rejected using the same rationale as for the rejection of claim 8 above. 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to John M Ross whose telephone number is (703) 305-0706. The 
examiner can normally be reached on M-F 8:00 AM - 4:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Mano Padmanabhan can be reached on (703) 306-2903. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 



Conclusion 
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Information regarding the status of an application may be obtained from the Patent 
AppUcation Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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